Community discussions

MikroTik App
 
kwv846
just joined
Topic Author
Posts: 1
Joined: Mon May 08, 2023 3:28 pm

RouterOS 7.9 SSH public key authentication problem

Mon May 08, 2023 4:10 pm

This is my first post here, so forgive me if I've posted this in the wrong spot. I'm unable to reply to the RouterOS 7.9 release announcement where encountered problems are typically posted.
I've got a CAPsMAN setup with a hEX POE as the CAPsMAN and a wAP AC LTE, wAP AC, and hAP AC as the CAPs.
The CAPs are configured to allow SSH connections using public key authentication from the CAPsMAN.
The CAPs have strong-crypto turned off, and the hEX POE has an RSA private key with the corresponding public key installed in the CAPs.
With RouterOS 7.7 and 7.8 on all devices this has worked for months without any problems.
I upgraded the hEX POE and wAP AC to RouterOS 7.9 and public key authentication stopped working when trying to connect from the hEX POE (running RouterOS 7.9) to the various CAP devices which were running a mix of 7.9 and 7.8.
Curiously, using the fetch tool with an SFTP URL to copy files from the CAPsMAN to the CAPs using private key authentication worked, but an interactive SSH session would not.
I then downgraded the hEX POE back to 7.8 and SSH public key authentication started working again, even to the wAP AC running 7.9, so this seems to be a problem with 7.9 when making a interactive SSH connection to another system with SSH public key authentication. I didn't make any configuration changes in any of the devices going from 7.8 to 7.9 and back again.
I looked in the changelog for 7.9, and although some changes and improvements were made to SSH, they don't seem to explain the problem I'm having.

Who is online

Users browsing this forum: britgent, rextended, rjuho and 84 guests